﻿using System;
using System.Web.Mvc;
using Ninject;
using Agro.Services;
using Agro.Library;
using System.Data;

namespace Agro.Web {

    /// <summary>
    /// 菜单权限验证
    /// </summary>
    public class AuthorizeMenu : FilterAttribute, IActionFilter {

        [Inject]
        public IMenuService MenuService { get; set; }

        //action执行后
        public void OnActionExecuted(ActionExecutedContext filterContext) {

        }

        //action执行时
        public void OnActionExecuting(ActionExecutingContext filterContext) {
            string url = filterContext.HttpContext.Request.RawUrl;
            CurrentUser user= new CurrentUser();
            DataTable dtMenus = MenuService.GetUserMenuIdDT(user);
            dtMenus.CaseSensitive = true;
            bool hasPermission = dtMenus.Select("Menu_Url='" + url + "'").Length > 0;
            if (!hasPermission) {
                throw new Exception("没有访问权限");
            }
        }
    }
}